Privacy Option Proposed To Control Behavioral Ads

techinsider sends this quote from Security Week: "A group of media and marketing trade associations, with support from the Council of Better Business Bureaus, today announced the details of a self-regulatory program designed to give consumers enhanced control over the collection and use of data regarding their Web viewing for online behavioral advertising purposes. The program promotes the use of the 'Advertising Option Icon' and accompanying language, to be displayed within or near online advertisements or on Web pages where data is collected and used for behavioral advertising. The Advertising Option Icon indicates a company's use of online behavioral advertising and adherence to the Principles guiding the program. Similar to a Web site’s privacy policy, consumers will be able to link to a clear disclosure statement regarding the company's online behavioral advertising data collection and use practices as well as an easy-to-use opt-out option."

TRUSTe all over again?

[mlts]

Didn't we go through this before with the TRUSTe logo of showing if the site only used the information in-house versus sharing with others?

This just seems like more feel good PR fluff, like the P3P stuff about a decade ago. We don't need more "assurances" about privacy. We need the data not to be collected in the first place. No Flash shared objects. No shared objects in Quicktime or other add-ons. No using tricks in a browser to "personalize/individualize" content.

Re:TRUSTe all over again?

[Monkeedude1212]

I agree. I think if anyone wants information from me they should have to ask me for it. They should not be able to collect any more information on me anymore than I should be able to collect information on whoever is interested and using the data. And if that's an advertising firm with 200+ employees than I want the browsing habits of all 200+ employees. I'd probably settle for just the CEO. Just a simple exchange of information, right? No different than sharing our names. But like I said earlier, they should have to ask, and I should have the right to refuse. Simple as that. Why should browsing habits be considered any less private than how I put on my pants in the morning, yet if someone wanted to sit outside my window and take readings on that - I could get them arrested.

Re:TRUSTe all over again?

[hedwards]

There isn't really a problem. There isn't a realistic expectation of privacy in public mainly because by default it's a public place. There's other people there that can see you, so obviously there's not going to be any privacy.

Online is a bit trickier, but it's largely private, people don't know where the data is going between them and the server, but those parties in the middle shouldn't be allowed to collect data beyond what's necessary to keep their infrastructure running. And definitely no personal information.

Ads are more like stalking than they are like other people in a public space. While you don't have any right to privacy in a public area, it is still illegal to follow people around and make note of where they're going without consent. Generally it comes under stalking prohibitions.

Re:TRUSTe all over again?

[mlts]

This is only going to get worse. Even if the website has a privacy guarantee, there are plenty of other parties that can steal private info and sling ads with potential browser exploits:

The ad serving company. If it pays them to have blackhats put on exploits randomly, they will do it, assuming they don't get caught.

Ad clients who have their own servers.

ISPs using Phorm-esque MITM appliances to modify the connection in flight. This is a very lucrative thing for ISPs, because they can not just replace ads, but capture click-throughs and other data. And since there are zero laws preventing this, queries that were typed in on one webpage can be redirected to another.

Moral: A legal solution won't be happening anytime soon.

My way of fighting against advertisement:

Here's how I fight against advertisement:

I never buy anything that has been advertised to me, period.

Advertising is not only annoying, but often it's rather immoral with it's use of "behavior modification" techniques.

Everyone should boycott any product that's advertised in annoying ways.

Re:My way of fighting against advertisement:

[Abstrackt]

Here's how I fight against advertisement:

I never buy anything that has been advertised to me, period.

Advertising is not only annoying, but often it's rather immoral with it's use of "behavior modification" techniques.

Everyone should boycott any product that's advertised in annoying ways.

How do you buy food?

The bakery in your local grocery store wafts the smell of fresh bread for a reason and the sugary cereals sitting on the lower shelves are decorated brightly so the little ones can pick them out more easily. Even at the less devious end of the scale, like a farmer's market, you still need to be advertised to to know the product exists, right?

Re:No thanks.

[zeropointburn]

You must not use any sites that have been forced to host and embed ads because their readership blocks the advertisers. I would much rather be able to allow or deny ads not just by advertiser (doubleclick can burn in hell), but by site as well. Then I could block all the ads on various slashdot links while still allowing ads at sites I like. Wish someone would do that with adblock/noscript.

Re:Abuse

However, like the wildly popular Do Not Call registry and a voluntary program for direct mail, these do reduce the annoyance level a bit, because there are advertisers with scruples.

I've more or less been forced to conclude that anybody still calling me here in Canada (we have slightly different rules) is either fraudulent, too stupid to look up the registry, or has been given an exemption (ie they're a charity or something). I even see a lot of bogus caller IDs -- a very high percentage of them actually.

Being on the Do Not Call registry mean that any telemarketer who gets through (and they do) gets a very rude and abrupt "fuck the hell off". As a deterrent to calling me, the registry serves no purpose. Profanity seems to at least put them off their game.

My problem is, there's so many fraudulent callers, I'm forced to conclude that they all are since I have no real way of knowing. So, every telemarketer who calls is presumed to be a lying sack of shit ... it makes the decision tree much shorter. They probably are.

Re:"Opt-out" indeed

[hedwards]

I'm not sure about these days, but I did spend a bit of time unsubscribing from spam for a while. It was a junk account that I was going to have to abandon either way. The results were a noticeable reduction in spam messages pretty quickly, then a gradual increase over time. I'm not sure what the actual explanation is, given that most spammers don't have any way of receiving a response to their spam, other than through a store.

let me just reply to myself and invite a downmod

[spazdor]

As another example, I can recall a couple IM programs with an "auto-away" feature, which activates after a certain period of idleness, but automatically deactivates as soon as you move the mouse, regardless of which window has focus. I would choke that program down to receiving mouseclick and keyboard events only. No mouseover, no GetFocus(or whatever the damn API calls it), just the facts.